GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → ItzNotABug → CheckoutVerifier

ItzNotABug / CheckoutVerifier

Licence: Apache-2.0 License
Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.

Programming Languages

kotlin
9241 projects

Labels

androidandroid-securityandroid-protect-appsandroid-protectionandroid-in-app-billingandroid-iapandroid-in-app-purchase

Projects that are alternatives of or similar to CheckoutVerifier

Fingerprint Android
Swiss army knife for identifying and fingerprinting Android devices.
Stars: ✭ 146 (+204.17%)
Mutual labels:  android-security
Awesome Reverse Engineering
Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
Stars: ✭ 2,954 (+6054.17%)
Mutual labels:  android-security
SSBiometricsAuthentication
Biometric factors allow for secure authentication on the Android platform.
Stars: ✭ 87 (+81.25%)
Mutual labels:  android-security
Ovaa
Oversecured Vulnerable Android App
Stars: ✭ 152 (+216.67%)
Mutual labels:  android-security
Android Security
Android Security Resources.
Stars: ✭ 207 (+331.25%)
Mutual labels:  android-security
Cwac Netsecurity
CWAC-NetSecurity: Simplifying Secure Internet Access
Stars: ✭ 239 (+397.92%)
Mutual labels:  android-security
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+3727.08%)
Mutual labels:  android-security
mobileAudit
Django application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (+191.67%)
Mutual labels:  android-security
Insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+350%)
Mutual labels:  android-security
apkutil
a useful utility for android app security testing
Stars: ✭ 52 (+8.33%)
Mutual labels:  android-security
Androidlibrary
Android library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (+237.5%)
Mutual labels:  android-security
Apk Medit
memory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (+293.75%)
Mutual labels:  android-security
remote-adb-scan
pure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-60.42%)
Mutual labels:  android-security
Apkleaks
Scanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+5539.58%)
Mutual labels:  android-security
android-webauthn-authenticator
A WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.
Stars: ✭ 101 (+110.42%)
Mutual labels:  android-security
Atfuzzer
"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019
Stars: ✭ 128 (+166.67%)
Mutual labels:  android-security
Android Pin Bruteforce
Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Stars: ✭ 217 (+352.08%)
Mutual labels:  android-security
Damn-Vulnerable-Bank
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
Stars: ✭ 379 (+689.58%)
Mutual labels:  android-security
dumproid
Android process memory dump tool without ndk.
Stars: ✭ 55 (+14.58%)
Mutual labels:  android-security
fingerprintjs-android
Swiss army knife for identifying and fingerprinting Android devices.
Stars: ✭ 336 (+600%)
Mutual labels:  android-security
View All Similar Projects ➔

CheckoutVerifier

Codacy Badge

CheckoutVerifier helps you Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
Since I was using these classes in every project, the copy / pasting of classes was annoying so thought of releasing it as a library which might be of help to others too!

How does it work?

Well, the library sends the Signed Json Response & Signature that you receive after a purchase is completed on a specified server url where it checks the signature of that response data with your BASE64 Key provided to you in your Developer Console.

Set Up

* Get Licensing API Key

Navigate to Developer Console & Select your App.
Go to Development Tools > Services & API.
Copy the BASE64 Licensing Key

* Creating a Verifying PHP File

Just a create a File & name it as verify.php or anything you want.
Paste the following code in it & Upload it to your server.

<?php
    $data = $_GET['jsonResponse'];
    $signature = $_GET['signature'];
    $key_64 = "YOUR BASE64 KEY THAT YOU GOT FROM DEVELOPER CONSOLE, THERE SHOULD BE NO SPACES!";

    $key =  "-----BEGIN PUBLIC KEY-----\n".
            chunk_split($key_64, 64,"\n").
            "-----END PUBLIC KEY-----";

    $key = openssl_get_publickey($key);

    $ok = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);
    if ($ok == 1) {
        echo "verified";
    } elseif ($ok == 0) {
        echo "unverified";
    } else {
        die ("fault, error checking signature");
    }

    openssl_free_key($key);
?>

* Implementing Library (Gradle)

Note: Add mavenCentral() in repositories block.

dependencies {
    // CheckoutVerifier now internally uses Kotlin Coroutines.
    implementation 'com.lazygeniouz:checkout-verifier:$library_version'
}

* CheckoutVerifier

Just pass on the required PurchaseBundle in the Constructor & call authenticate();
The authenticate() returns a Result object.

If the connection to the server was successful & a result was returned,
CompletionResult(isVerified: Boolean) is returned,
ErrorResult(exception: Exception) otherwise.


Example:

yourScope.launch {
    val purchaseBundle = PurchaseBundle(url, jsonResponse, signature)
    when (val result = CheckoutVerifier(purchaseBundle).authenticate()) {
        is CompletionResult -> {
            val verified = result.isVerified
            // Do something
        }
      is ErrorResult -> Log.d(TAG, result.exception.message)
    }
}
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].